diff --git a/rules/falco-incubating_rules.yaml b/rules/falco-incubating_rules.yaml
index 2e43a029..77cb92d8 100644
--- a/rules/falco-incubating_rules.yaml
+++ b/rules/falco-incubating_rules.yaml
@@ -1256,7 +1256,7 @@
 # Detection for possible use of CVE-2023-4911
 # Based on https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
-- rule: Program possibly trying to use CVE-2023-4911
+- rule: Potential Local Privilege Escalation via Environment Variables Misuse
   desc: >
     Detect use of GLIBC_TUNABLES environment variable, which could be used for priviledge escalation to root on hosts running vulnerable glibc versions.
   condition: >
@@ -1264,4 +1264,4 @@
     and proc.env icontains GLIBC_TUNABLES
   output: Process run with GLIBC_TUNABLES environment variable which could be attempting priviledge escalation (env=%proc.env evt_type=%evt.type user=%user.name user_uid=%user.uid user_loginuid=%user.loginuid process=%proc.name proc_exepath=%proc.exepath parent=%proc.pname command=%proc.cmdline terminal=%proc.tty exe_flags=%evt.arg.flags %container.info)
   priority: NOTICE
-  tags: [maturity_incubating, host, users, mitre_privilege_escalation, CVE-2023-4911]
+  tags: [maturity_incubating, host, container, users, mitre_privilege_escalation, TA0111]
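Review bot: The new rule name "Potential Local Privilege Escalation via Environment Variables Misuse" promises a generic detection, but the condition still matches only `proc.env icontains GLIBC_TUNABLES`, so the name overstates coverage, and the unchanged comment `# Detection for possible use of CVE-2023-4911` now contradicts the second hunk, which drops the `CVE-2023-4911` tag. Keeping the CVE reference in the tags (or naming GLIBC_TUNABLES in the rule title) preserves searchability for responders triaging the alert, e.g. `tags: [maturity_incubating, host, container, users, mitre_privilege_escalation, TA0111, CVE-2023-4911]`. The added `TA0111` tag is, to my knowledge, the ICS-matrix Privilege Escalation tactic while the Enterprise equivalent is TA0004 — worth confirming which matrix the repository's tag convention follows. The `container` tag is also added without any change to the condition, whose first line (1263) lies outside both hunks, so whether the rule actually evaluates for container workloads cannot be confirmed from this diff.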